Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Another place to have a look at could be /etc/pam.d/su whether there is anything used like pam_wheel.so while the user in question not being a member of group wheel. In your first example you are trying to gain root access - is an su for a normal user working in case he wants just to switch to another ordinary user?
The user in question has UID 1000. GID of "users" is 100.
Quote:
Originally Posted by Reuti
Another place to have a look at could be /etc/pam.d/su whether there is anything used like pam_wheel.so while the user in question not being a member of group wheel.
The system is not using pam, i.e. there is no /etc/pam.d.
Quote:
Originally Posted by Reuti
In your first example you are trying to gain root access - is an su for a normal user working in case he wants just to switch to another ordinary user?
No, it's the same: authentication failure whithot a password prompt.
I have just tried the following: I added the user to the "wheel" group. Then I changed ownership of /bin/su to root.wheel. That obviously removed the SUID bit:
Distribution: Slackware (mainly) and then a lot of others...
Posts: 855
Rep:
Guess this is all that we can do here. What I think we should do next is boot up with a live medium and then edit the /etc/passwd and /etc/shadow and see if that helps. This is the only thing I can think of now really.
If you need any more info please post back.
BTW sorry for the delay I was out for a long long time and did not have access to the internet.
Hope this helps.
Hmmm, unfortunately I am on a VPS and cannot perform that step :-( I'm actually trying to update (or downgrade) my udev libraries to see if its something related to that as it was hinted at in an Ubuntu post I have lost at the moment. If you can think of anything else please let me know!
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.